Big Brother and Big Sister reign in the United Kingdom since the Regulation of Investigatory Powers (RIP) Act became effective on Oct. 5. The RIP authorizes the government to demand encryption keys to all data communications, requires U.K. ISPs to establish secure channels to the headquarters of the national intelligence agency, MI5, to transmit information about Internet traffic and includes a prison term as long as two years for those who do not comply with the order.
If a company official – usually an IT manager directly contacted by MI5 agents – is asked to surrender an encryption key to the government, that individual is barred by law from telling anyone else. Employees who don’t want to be guilty of this “tipping-off” offence could leave a multinational company vulnerable to having what it assumes is secure, proprietary data scrutinized by government agencies. Employees following the law cannot be fired and cannot be sued by their company or by someone outside that company if the information released pertains to that person.
The new law has U.K. business leaders worrying that the country’s stand-alone position could render it an e-commerce pariah. But Home Office Minister Charles Clarke said during a House of Commons debate, “given the comments made in the overseas media…we must explain why we do not believe [the bill] poses a threat to e-commerce in Britain” and “propaganda is needed” to reeducate the public about the bill’s benefits.